MENU

FWMAP

WHAT IS FWMAP ?

fwmap is a tool designed to manage your firewalls. You can build an image
of your network and simply add rules to your firewall by adding used or
provided services to your hosts.

NEWS

24.01.2001 fwmap-0.1.3 is now available. fwmap has a new "ruleengine"
:-), and it's possible to deny packets manually, but it works horrible.
A lot of source is rewritten (i.e. fileformat), so you
can not use 0.1.2 maps in 0.1.3.
I'm working on my english :-)

25.01.2001 fwmap-0.1.4 released. A lot of bugs are fixed and
I hope fwmap is usable now.

11.02.2001 fwmap-0.1.5 released. Documentation added.

FEATURES

supports Linux/ipchains and Cisco Access-Control-Lists

supports other packetfilter via plug-in

SCREENSHOTS

Mainscreen

View

Edit

Sample output

DOCUMENTATION/FAQ

How can I add nodes to my map?Rightclick on an icon and choose 'New Node'. Now enter name and type
for this node and press 'OK'.

How can I add rules to my firewall?

Doubeclick one of your hosts, choose 'Allows' and 'add' a service
this host should use, i.e. "tcp http 192.168.5.5" if this host should use
WWW of host 192.168.5.5.

Where are the rules?

Click 'Create' and you will see them :-)

Can I trust fwmap?

No, not yet (I think you should never because it's just software...).
But fwmap can help you to determine which rules you need. A good motto
is: If you have less rules than fwmap you should find out why... :-)

EXAMPLES

You have a network (192.168.2.0/24) connected throu your firewall
(192.168.2.1/24) to the internet. Your map and your nodelist should look
like:

As you can see fwmap denies all packets to your firewall automatically.
If you think fwmap doesn't because there's no DENY for 192.168.1.1/32 on
ser0 I can say fwmap removed this rule because there's a DENY for every
packet.

Now we add a logserver on firewall/eth0 and add the following services
to firewall: